Zach Riggle zachriggle
zachriggle
/ gist:939024
Created
April 23, 2011 22:12
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import md5, sys | |
| h = '\x8b\x07Y\x98!\n\x1a\xc8\x86\xe8G\x0f\x9a\x8b[\xc0'.encode('hex') | |
| def chk(s): | |
| print s | |
| if (md5.new(s).hexdigest() == h): | |
| sys.exit() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Leading Tabs, align with tabs | |
| print "Hello" # Comment | |
| print "Hello, world" # Comment | |
| # Leading tabs, align with space | |
| print "Hello" # Comment | |
| print "Hello, world" # Comment |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ~ ⮀ sudo nmap -sT -T Insane -P0 -A 192.168.1.2 192.168.1.66 192.168.1.79 192.168.1.80 192.168.1.117 192.168.1.213 192.168.1.214 192.168.1.254 -v -v --privileged | |
| Starting Nmap 6.25 ( http://nmap.org ) at 2013-05-27 14:58 EDT | |
| NSE: Loaded 106 scripts for scanning. | |
| NSE: Script Pre-scanning. | |
| NSE: Starting runlevel 1 (of 2) scan. | |
| NSE: Starting runlevel 2 (of 2) scan. | |
| Initiating Parallel DNS resolution of 8 hosts. at 14:58 | |
| Completed Parallel DNS resolution of 8 hosts. at 14:58, 0.74s elapsed | |
| Initiating Connect Scan at 14:58 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| msf auxiliary(mysql_schemadump) > run | |
| [*] Schema stored in: /Users/zachriggle/.msf4/loot/20130527165753_default_192.168.1.79_mysql_schema_235782.txt | |
| [+] MySQL Server Schema | |
| Host: 192.168.1.79 | |
| Port: 3306 | |
| ==================== | |
| --- | |
| - DBName: BadApple |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import scapy, struct, socket, binascii, logging | |
| from scapy.all import * | |
| from collections import defaultdict | |
| # | |
| # Entry | |
| # | |
| def USBIP(PacketData): | |
| if PacketData[:2] == '\x01\x11': |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| RARVM reversible/patchme | |
| Modified 'unrar' source to dump context and disassembly. | |
| Wrote two separate solvers since the challenge was broken. | |
| To build the disassembler/debugger: | |
| - unzip unrar-src-disassembler.zip -d unrar | |
| - cd unrar |
zachriggle
/ gist:11301543
Created
April 25, 2014 20:08
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am zachriggle on github. | |
| * I am zachriggle (https://keybase.io/zachriggle) on keybase. | |
| * I have a public key whose fingerprint is C5BE 5AF8 DD76 E311 630E 5E26 683A C112 1586 0611 | |
| To claim this, I am signing this object: |
zachriggle
/ map
Created
April 29, 2014 19:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| gdb-peda$ set disable-randomization off | |
| gdb-peda$ break main | |
| gdb-peda$ run | |
| gdb-peda$ vmmap | |
| 0x00007fe6e01d7000 0x00007fe6e01d8000 r-xp /home/user/a.out | |
| 0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall] | |
| gdb-peda$ run | |
| gdb-peda$ vmmap | |
| 0x00007f7acee88000 0x00007f7acee89000 r-xp /home/user/a.out | |
| 0xffffffffff600000 0xffffffffff601000 r-xp [vsyscall] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ ] anal: ldr code analysis | |
| [OK] | |
| [ ] anal: endian | |
| [OK] | |
| [ ] anal: af java multiple classes loaded via malloc and ib | |
| [BR] | |
| Command: /usr/local/bin/radare2 -e scr.color=0 -N -q -i /tmp/r2-regressions//anal-rad.Snxmol malloc://1023 > /tmp/r2-regressions//anal-out.pyjpEd 2> /tmp/r2-regressions//anal-err.xuWjRM | |
| Script: | |
| e asm.comments=false |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import fileinput | |
| import re | |
| import binascii | |
| import struct | |
| unhex = binascii.unhexlify | |
| u32 = lambda x: struct.unpack('>L', x)[0] | |
| hexa = r'[0-9A-F]' | |
| pattern = r'(%s{8}): (%s{2}) (%s{2})' % (hexa, hexa, hexa) |
OlderNewer